}
include 'include/utils.php';
include 'include/mime_type_lib.php';
if (strpos($_POST['path'], '/') === 0 || strpos($_POST['path'], '../') !== FALSE || strpos($_POST['path'], './') === 0) {
die('wrong path');
}
if (strpos($_POST['name'], '/') !== FALSE) {
die('wrong path');
}
$path = $current_path . $_POST['path'];
$name = $_POST['name'];
$info = pathinfo($name);
if (!in_array(fix_strtolower($info['extension']), $ext)) {
die('wrong extension');
}
$pdo = new PDO("mysql:dbname={$dbname};host={$host}", $user, $password);
$fm = new fileMgr($pdo);
$img_size = (string) filesize($path . $name);
// Get the image size as string
$mime_type = get_file_mime_type($path . $name);
// Get the correct MIME type depending on the file.
header('Pragma: private');
header('Cache-control: private, must-revalidate');
header("Content-Type: " . $mime_type);
// Set the correct MIME type
header("Content-Length: " . $img_size);
header('Content-Disposition: attachment; filename="' . $name . '"');
readfile($path . $name);
$mysqlPath = $fm->getFidByPath($path . $name);
$fm->download($mysqlPath['fid'], $_SESSION['uuid']);
exit;
?>
&file=<?php
echo $current_path . $rfm_subfolder . $subdir . $file;
?>
"
href="docs.google.com;" ><i class=" icon-eye-open"></i></a>
<?php
} else {
?>
<a style="display:none;" class="preview disabled"><i class="icon-eye-open icon-white"></i></a>
<?php
}
?>
<?php
$fid = $fm->getFidByPath($current_path . $rfm_subfolder . $subdir . $file);
$starFlag = $fm->isFileStard($fid['fid'], $_SESSION['uuid']);
?>
<a href="javascript:void('')" id="<?php
echo $fid['fid'];
?>
" onclick="starFile(this,'<?php
if ($starFlag) {
echo '取消标星';
} else {
echo '标星';
}
?>
')" class="tip-left star-button star-file" title="<?php
if ($starFlag) {
echo '取消标星';
if (file_exists($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'])) {
duplicate_file($base_dir . $fixed_image_creation_name_to_prepend[$k] . $info['filename'] . $fixed_image_creation_to_append[$k] . "." . $info['extension'], $fixed_image_creation_name_to_prepend[$k] . $name . $fixed_image_creation_to_append[$k]);
}
}
}
} else {
die(lang_Empty_name);
}
}
break;
case 'star_file':
$path_thumb = $_POST['path_thumb'];
$pdo = new PDO("mysql:dbname={$dbname};host={$host}", $user, $password);
$user = new userMgr($pdo);
$fm = new fileMgr($pdo);
$fid = $fm->getFidByPath($path);
if (!$fm->isFileStard($fid['fid'], $_SESSION['uuid'])) {
if ($a = $fm->star($_SESSION['uuid'], $fid['fid'])) {
echo '标星成功';
} else {
echo '标星失败';
}
} else {
$st = $fm->getStarsByUid($_SESSION['uuid']);
$realkey = 0;
foreach ($st as $key => $value) {
if ($value->getFid() == $fid['fid']) {
$realkey = $key;
break;
}
}
